Using ASR1000 Routers in Enterprise Communication Networks


2. ASR1000 ASR1000 Easy Virtual Network (EVN)

3. ASR1000

4. Data Plane, Control Plane, Management Plane
[Diagram: CONTROL AND MANAGEMENT PLANE traffic (routing updates, L2 keepalives, ICMP, SNMP, Telnet, SSH, SSL) is input to the RP; data plane forwarding path: incoming packet, CEF input, CEF/FIB lookup, buffer, output packet; locally switched packets]

5. ASR1000
RP (Route Processor), control plane
ESP (Embedded Services Processor), forwarding plane
SIP (SPA Interface Processor), Shared Port Adapters
Passive Midplane
ESI (Enhanced Serdes), 11.5Gbps or 23Gbps
SPA-SPI, 11.2Gbps
Hypertransport, 10Gbps
[Diagram: RP (active/standby) and ESP (active/standby) with FECP, QFP and Crypto assist, connected through interconnects and the passive midplane to three SIPs, each with IOCP, SPA Agg. and SPAs]

6. Cisco ASR 1000
[Chassis images with SIP, SPA, ESP and RP slots labelled: Cisco ASR 1001, Cisco ASR1002, Cisco ASR1004, Cisco ASR1006, Cisco ASR 1013]

7. RP (Route Processor): RP1, RP2
1.5 GHz Freescale 8548; Dual-Core Intel Xeon 2.66 GHz
4GB, 8GB, 16GB
1GB, 2GB bootflash (8GB ASR-1002)
CON / AUX / ETH
HDD 40, HDD 80
USB

8. ESP

            ESP-5G     ESP-10G    ESP-20G    ESP-40G
            5Gbps      10Gbps     20Gbps     40Gbps
            QFP 20     QFP 40     QFP 40     QFP 40
            900 MHz    900 MHz    1.2 GHz    1.2 GHz
            ~1Gbps     3 Gbps     8 Gbps     10 Gbps
            256 MB     512 MB     1GB        1GB
    QFP     64 MB      128 MB     256 MB     256 MB
    TCAM    10 MB      10 MB      40 MB      40 MB

9. Control Plane
Ethernet out-of-band Channel (EOBC)
I2C: Inter Integrated Circuit, SPA Control Bus
[Diagram: RP (active/standby) control plane and ESP (active/standby) data plane with FECP, QFP subsystem and Crypto assist; midplane; SIPs with IOCP, SPA Agg. and SPAs; EOBC and I2C paths]

10. Dataplane
ESI (Enhanced Serdes Interconnect)
SPA-SPI
SPA-Agg ASIC
RP Interconnect ASIC
Punt path
[Diagram: RP (active/standby) and ESP (active/standby) with FECP, QFP and Crypto assist; passive midplane; SIPs with IOCP, SPA Agg. and SPAs]

11. ASR 1000: ASR1001, ASR1002, ASR1004, ASR1006, ASR1013
[Comparison table. Rows: Embedded Services Processors (ESP): ESP2.5/5, ESP5, ESP10, ESP20, ESP40; Route Processor (RP): RP1, RP2; SPA Interface Processor (SIP): SIP10, SIP40; SPA]

12. ASR1000:

13. [Diagram: WAN roles: Private Line / MPLS VPN WAN, Internet WAN, Metro Ethernet L2 WAN; Internet GW Router; Redundant Firewalls; Box-Box Redundancy (HSRP); VPN Termination; Campus/Data Center]

14. WAN: MLP, Frame Relay, Internet / Private IP (DSL/FE/GigE), MPLS IP VPN (GigE); E1, E3, STM1
ASR1000-ESP5, 10, 20, 40
ASR1000-RP1, RP2
Control / Data plane
ISSU
NBAR, FPM, QoS
[Diagram: ASR 1000 with 18xx, 28xx and 38xx routers]

15. WAN: ASR 1000 WAN Router
QFP, ASR 1000, VPN, NBAR, FPM
ESP-10: 4 . site-to-site remote tunnels, IPsec 8/
IPsec, VPN services, Application Intelligence: NBAR, FPM
[Diagram: WAN, Internet, Site-to-Site VPN, Remote Access VPN, ISR]

16. WAN: Internet Gateway
QFP, ASR 1000, NAT/VPN, FW
40/ Firewall, 8/ , QoS
Netflow v9, Cisco Security Manager, LAN Mgmt Solution, ERSPAN
Firewall, NAT, NAC, NBAR, QoS, ACL
[Diagram: Internet Service Provider, ASR 1000 WAN Router, Hub Site, WAN, ISR, ISP]

17. Firewall/NAT Box to Box Redundancy, Active-Standby
[Diagram: Key: Green: Active, Yellow: Standby. ASR 1 and ASR 2, Group A; Virtual IP 1 / Virtual MAC 1; Virtual IP 2 / Virtual MAC 2; Control Link; Data Link]

18. ASR 1000 B2B Active-Active
[Diagram: Key: Green: Active, Yellow: Standby. ASR 1 and ASR 2, Group A and Group B; VIP/VMAC 1, VIP/VMAC 2, VIP/VMAC 3, VIP/VMAC 4; Control Link; Data Link]

19. Firewall/NAT Box to Box Redundancy
Active-Standby, Active-Active
Firewall/NAT Failover
Control Interface: Failover Protocol
Data Interface: Firewall, NAT
ASR1006, ASR1013
Box to Box redundancy, Firewall/NAT
LAN to LAN, LAN-WAN

20. Box-to-Box Redundancy

RG:

    redundancy
     mode none
     application redundancy
      protocol 1
       name prot1
       timers hellotime msec 250 holdtime msec 750
      protocol 2
       name prot2
       timers hellotime 1 holdtime 3

Traffic Interface:

    interface gi1/0/0
     redundancy group 1 ip 10.1.1.1 exclusive decrement 50
     ! Use the same virtual IP address for the same group on the same LAN for both routers
     ! For active-standby scenario, only one RG group is needed
     redundancy group 2 ip 20.1.1.1 exclusive decrement 50
     redundancy rii 100
     ! RII should be the same across boxes for the mapped interface
    interface gi1/0/1
     redundancy group 1 ip 30.1.1.1 exclusive decrement 50
     redundancy group 2 ip 40.1.1.1 exclusive decrement 50
     redundancy rii 101

Active-Active RG:

    redundancy
     application redundancy
      group 1
       name RG1
       preempt
       priority 205 failover-threshold 200
       ! The other router has lower priority for this group
       control gi0/0/0 protocol 1
       data gi0/0/1
       ! Control and data links can be the same
      ! For active-standby scenario, only one RG group is needed
      group 2
       name RG2
       priority 195 failover-threshold 190
       ! The other router has higher priority for this group
       control gi0/0/0 protocol 2
       data gi0/0/1

21. ASR1000: (DCI) + WAN
Loop Prevention
Integrated H-QoS, NetFlow, GETVPN
Redundancy
Scalability
8Gbps Built-in Encryption
10G Ports
H-QoS
[Diagram: SP MPLS/IP Service, Intranet, WAN (DCI + Intranet); EoMPLS PE routers; Port mode EoMPLS xconnect; 802.1Q Links; Local STP; Remote Port Shutdown]

22. ASR1000: Easy Virtual Network

23. Easy Virtual Network
Per VRF: Virtual Routing Table, Virtual Forwarding Table
Control plane virtualization
Data plane virtualization
Services virtualization
802.1q: Hop-by-Hop (EVN/VRF-Lite End-to-End)
IP/MPLS: Multi-Hop (EVN/VRF-Lite+GRE, MPLS-VPN)
VRF: Virtual Routing and Forwarding
[Diagram: VRF, VRF, Global]

24. Easy Virtual Networks
[Diagram: user VLAN 10 and VLAN 20 attach at L2 as Attachment Circuits (AC) to L3 VRFs; VNET Trunks between devices carry VNET Tag 101 and VNET Tag 102; VNET trunk, 802.1q, IGPs, VRF]

25. EVN: VRFs

1. Create VRFs and allocate unique VNET tags for each VRF

    vrf definition user-a
     vnet tag 11
    vrf definition user-b
     vnet tag 12
    vrf definition user-c
     vnet tag 13

2. Map VRFs to appropriate interfaces

    !
    interface Loopback11
     vrf forwarding user-a
    !
    interface e0/0.11
     vrf forwarding user-a
    interface e0/0.12
     vrf forwarding user-c
    interface e0/0.13
     vrf forwarding user-b
    !

3. Transport all provisioned VRFs on Trunk interfaces

    !
    interface e1/0
     vnet trunk

[Diagram: es2-sd3, es2-sd4, es2-d3, es2-d4; L3 Core; e1/0, g1/1; Layer 2 Trunks; L2 D1, L2 D2; VLAN 21 user-a, VLAN 22 user-c, VLAN 23 user-b; VLAN 31 user-a, VLAN 32 user-c, VLAN 33 user-b]

26. VRF vnet trunk

VRF Sub-interfaces:

    !
    interface Ethernet1/0.11
     description Subinterface for VNET services
     vrf forwarding user-a
     encapsulation dot1Q 11
     ip address 125.1.15.18 255.255.255.0
     ip pim sparse-mode
    !
    interface Ethernet1/0.12
     description Subinterface for VNET services
     vrf forwarding user-b
     encapsulation dot1Q 12
     ip address 125.1.15.18 255.255.255.0
     ip pim sparse-mode
    !
    interface Ethernet1/0.13
     description Subinterface for VNET user-c
     vrf forwarding user-c
     encapsulation dot1Q 13
     ip address 125.1.15.18 255.255.255.0
     ip pim sparse-mode
    !

VNET Trunk:

    !
    interface Ethernet1/0
     vnet trunk
     ip address 125.1.15.18 255.255.255.0
     ip pim sparse-mode
    !

VNET Tag VRF - IP VRF

27. VRF-Lite VNET Trunk
[Diagram: VRF-Lite Device, EVN Device]

VRF-Lite Config:

    !
    vrf definition user-c
    !
    vrf definition services
    !
    interface Ethernet1/0
     ip address 125.1.1.11 255.255.255.0
     ip pim sparse-mode
    !
    interface Ethernet1/0.10
     description Subinterface for VNET services
     vrf forwarding services
     encapsulation dot1Q 10
     ip address 125.1.1.11 255.255.255.0
     ip pim sparse-mode
    !
    interface Ethernet1/0.13
     description Subinterface for VNET user-c
     vrf forwarding user-c
     encapsulation dot1Q 13
     ip address 125.1.1.11 255.255.255.0
     ip pim sparse-mode

EVN config:

    !
    vrf definition services
     vnet tag 10
    !
    vrf definition user-c
     vnet tag 13
    !
    interface Ethernet1/0
     vnet trunk
     ip address 125.1.1.11 255.255.255.0
     ip pim sparse-mode
    !

dot1Q tag vnet tag

28. Routing Context

VRF Verification CLI:

    es2-d4#show ip route vrf user-a
    Routing table output for red
    es2-d4#ping vrf user-c 10.1.1.1
    Ping result using VRF red
    es2-d4#telnet 10.1.1.1 /vrf user-a
    Telnet to 10.1.1.1 in VRF red
    es2-d4#traceroute vrf user-a 10.1.1.1
    Traceroute output in VRF red

Routing context:

    es2-d4#routing-context vrf user-a
    es2-d4%user-a#
    es2-d4%user-a# show ip route
    Routing table output for red
    es2-d4%user-a# ping 10.1.1.1
    Ping result using VRF red
    es2-d4%user-a# telnet 10.1.1.1
    Telnet to 10.1.1.1 in VRF red
    es2-d4%user-a# traceroute 10.1.1.1
    Traceroute output in VRF red

29. EVN: Shared Services, Route Replication

    vrf definition services
     route-replicate from vrf user-a unicast all route-map red-map
     route-replicate from vrf user-c unicast all route-map grn-map
    vrf definition user-a
     route-replicate from vrf services unicast all
    vrf definition user-c
     route-replicate from vrf services unicast all

[Diagram: R1, R2, R3, R4; user-a 10.0.0.0/8 (10.1.1.1); user-c 20.0.0.0/8 (20.1.1.1); services 126.1.17.0/24, 126.1.9.0, 126.1.9.1; Fusion Point; route redistribution; show ip route vrf services lists 10.0.0.0/8 and 20.0.0.0/8]

30. EVN: Route Replication

RIB VRF services:

    Route            Type        Dest Int   NextHop
    126.1.17.0/24    Connected   Gi0/1
    126.1.9.0/24     OSPF        Gi0/1      126.1.17.13
    126.1.12.0/24    OSPF        Gi0/1      126.1.17.13
    126.1.14.0/24    OSPF        Gi0/1      126.1.17.13

RIB VRF user-a (Route Replication):

    Route            Type        Dest Int   NextHop
    126.1.9.0/24     OSPF        Gi0/1      126.1.17.13
    126.1.12.0/24    OSPF        Gi0/1      126.1.17.13
    126.1.14.0/24    OSPF        Gi0/1      126.1.17.13

    router ospf 99 vrf services
     network 126.1.0.0 0.0.255.255 area 0
    !
    router ospf 98 vrf user-a
     network 126.1.0.0 0.0.255.255 area 0
    vrf definition user-a
     !
     address-family ipv4
      route-replicate from vrf services unicast all
     exit-address-family

31. Shared Services: Route Replication, Redistribution
1. Replicate
2. Redistribute

    router ospf 99 vrf services
     redistribute vrf user-a ospf 98 subnets
     redistribute vrf user-c ospf 97 subnets
    router ospf 98 vrf user-a
     redistribute vrf services ospf 99 subnets
    router ospf 97 vrf user-c
     redistribute vrf services ospf 99 subnets

[Diagram: R1, R2, R3, R4; user-a 10.0.0.0/8 (10.1.1.1); user-c 20.0.0.0/8 (20.1.1.1); services 126.1.17.0/24, 126.1.9.0, 126.1.9.1; show ip route vrf services; show ip route vrf user-c]

32. EVN: shared services, Route Replication

BGP: Route Distinguisher, Route Targets Import/Export

    ip vrf services
     rd 3:3
     route-target export 3:3
     route-target import 1:1
     route-target import 2:2
    !
    ip vrf user-a
     rd 1:1
     route-target export 1:1
     route-target import 3:3
    !
    ip vrf user-b
     rd 2:2
     route-target export 2:2
     route-target import 3:3
    !
    router bgp 65001
     bgp log-neighbor-changes
     !
     address-family ipv4 vrf services
      redistribute ospf 3
      no auto-summary
      no synchronization
     exit-address-family
     !
     address-family ipv4 vrf user-a
      redistribute ospf 1
      no auto-summary
      no synchronization
     exit-address-family
     !
     address-family ipv4 vrf user-b
      redistribute ospf 2
      no auto-summary
      no synchronization
     exit-address-family
    !

EVN: Route Replication

    vrf definition services
     !
     address-family ipv4
      route-replicate from vrf user-a unicast all
      route-replicate from vrf user-b unicast all route-map userb
     exit-address-family
    !
    vrf definition user-a
     vnet tag 11
     !
     address-family ipv4
      route-replicate from vrf services unicast all
     exit-address-family
    !
    vrf definition user-b
     vnet tag 12
     !
     address-family ipv4
      route-replicate from vrf services unicast all
     exit-address-family
    !

33. EVN:
EVN, VRF Lite
VRF Lite, MPLS VPN, MPLS VPN over mGRE
ASR1000, IOS XE 3.2S
VNET Tag
VNET Trunk
Sub-interface, vnet tag
Route Replication: Shared Services
IGP
routing-context: ping, traceroute, debug condition, cisco-vrf-mib

34. ASR1000:
ESP-80G: 32../, 80/; ASR1006, ASR1013; RP2 RP; 2012
ESP-160G: 64../, 160/; ASR1013; RP2 RP; 2012
ASR1002-x: 2012; 40/; 6 Gigabit Ethernet SFP; 3 SPA; 2 PVDM
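Slide 25 requires a unique vnet tag per VRF, and slides 29 and 32 leak routes between VRFs with route-replicate, with or without a route-map. The following Python audit is an added example, not part of the original presentation: it lists duplicate vnet tags and every inter-VRF replication in a configuration, so that unfiltered leaks into or out of the shared services VRF stand out. The function names and the sample configuration (built from the commands on those slides, with a deliberately reused tag) are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample, assembled from the commands shown on slides 25 and 32;
# user-c reuses tag 12 on purpose to trigger the uniqueness check.
SAMPLE_CONFIG = """\
vrf definition services
 address-family ipv4
  route-replicate from vrf user-a unicast all
  route-replicate from vrf user-b unicast all route-map userb
 exit-address-family
!
vrf definition user-a
 vnet tag 11
 address-family ipv4
  route-replicate from vrf services unicast all
 exit-address-family
!
vrf definition user-b
 vnet tag 12
!
vrf definition user-c
 vnet tag 12
"""

VRF_RE = re.compile(r"^vrf definition (\S+)")
TAG_RE = re.compile(r"^\s+vnet tag (\d+)")
REPL_RE = re.compile(
    r"^\s+route-replicate from vrf (\S+) unicast\b(?:.*?\broute-map (\S+))?")


def audit_evn(config):
    """Return (duplicate_tags, leaks); leaks are (src_vrf, dst_vrf, route_map)."""
    tags, leaks, current = defaultdict(list), [], None
    for line in config.splitlines():
        if m := VRF_RE.match(line):
            current = m.group(1)
        elif line and not line[0].isspace() and line[0] != "!":
            current = None  # left the VRF block (interface, router, ...)
        elif current and (m := TAG_RE.match(line)):
            tags[int(m.group(1))].append(current)
        elif current and (m := REPL_RE.match(line)):
            leaks.append((m.group(1), current, m.group(2)))
    dupes = {t: v for t, v in tags.items() if len(v) > 1}
    return dupes, leaks


def unfiltered(leaks):
    """Replications with no route-map copy every unicast route of the source VRF."""
    return [(src, dst) for src, dst, rmap in leaks if rmap is None]
```
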